Search results for: management of information security

Authors: Karim Abouelmehdi, Loubna Dali, Elmoutaoukkil Abdelmajid, Hoda Elsayed Eladnani Fatiha, Benihssane Abderahim

Abstract:

The security of cloud services is the concern of cloud service providers. In this paper, we will mention different classifications of cloud attacks referred by specialized organizations. Each agency has its classification of well-defined properties. The purpose is to present a high-level classification of current research in cloud computing security. This classification is organized around attack strategies and corresponding defenses.

Keywords: Cloud computing, security, classification, risk.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2033

Authors: Shaya Alshahrani

Abstract:

Perceived risks play a major role in consumer intentions, behaviors, attitudes, and decisions about online shopping in the KSA. This paper investigates the influence of six perceived risk dimensions on Saudi consumers: product risk, information risk, financial risk, privacy and security risk, delivery risk, and terms and conditions risk empirically. To ensure the success of this study, a random survey was distributed to reflect the consumers’ perceived risk and to enable the generalization of the results. Data were collected from 323 respondents in the Kingdom of Saudi Arabia (KSA): 50 who had never shopped online and 273 who had done so. The results indicated that all six risks influenced the respondents’ perceptions of online shopping. The non-online shoppers perceived financial and delivery risks as the most significant barriers to online shopping. This was followed closely by performance, information, and privacy and security risks. Terms and conditions were perceived as less significant. The online consumers considered delivery and performance risks to be the most significant influences on internet shopping. This was followed closely by information and terms and conditions. Financial and privacy and security risks were perceived as less significant. This paper argues that introducing adequate legal solutions to addressing related problems arising from this study is an urgent need. This may enhance consumer trust in the KSA online market, increase consumers’ intentions regarding online shopping, and improve consumer protection.

Keywords: Perceived risk, consumer protection, online shopping, Saudi Arabia, online contracts, e-commerce.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 843

Authors: Shu-Hui Jan, Hui-Ping Tserng, Shih-Ping Ho

Abstract:

Construction project control attempts to obtain real-time as-built schedule information and to eliminate project delays by effectively enhancing dynamic schedule control and management. Suitable platforms for enhancing an as-built schedule visually during the construction phase are necessary and important for general contractors. As the application of building information modeling (BIM) becomes more common, schedule management integrated with the BIM approach becomes essential to enhance visual construction management implementation for the general contractor during the construction phase. To enhance visualization of the updated as-built schedule for the general contractor, this study presents a novel system called the Construction BIM-assisted Schedule Management (ConBIM-SM) system for general contractors in Taiwan. The primary purpose of this study is to develop a web ConBIM-SM system for the general contractor to enhance visual as-built schedule information sharing and efficiency in tracking construction as-built schedule. Finally, the ConBIM-SM system is applied to a case study of a commerce building project in Taiwan to verify its efficacy and demonstrate its effectiveness during the construction phase. The advantages of the ConBIM-SM system lie in improved project control and management efficiency for general contractors, and in providing BIM-assisted as-built schedule tracking and management, to access the most current as-built schedule information through a web browser. The case study results show that the ConBIM-SM system is an effective visual as-built schedule management platform integrated with the BIM approach for general contractors in a construction project.

Keywords: BIM, Building information modeling, construction schedule management, as-built schedule management, BIM schedule updating mechanism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3358

Authors: B. Ferdousi, J. Bari

Abstract:

With advancement of mobile computing, employees are increasingly doing their job-related works using personally owned mobile devices or organization owned devices. The Bring Your Own Device (BYOD) model allows employees to use their own mobile devices for job-related works, while Corporate Owned, Personally Enabled (COPE) model allows both organizations and employees to install applications onto organization-owned mobile devices used for job-related works. While there are many benefits of using mobile computing for job-related works, there are also serious concerns of different levels of threats to the organizational data security. Consequently, it is crucial to know the level of threat to the organizational data security in the BOYD and COPE models. It is also important to ensure that employees comply with the organizational data security policy. This paper discusses the organizational data security issues in perspective of ownership of mobile devices used by employees, especially in BYOD and COPE models. It appears that while the BYOD model has many benefits, there are relatively more data security risks in this model than in the COPE model. The findings also showed that in both BYOD and COPE environments, a more practical approach towards achieving secure mobile computing in organizational setting is through the development of comprehensive cybersecurity policies balancing employees’ need for convenience with organizational data security. The study helps to figure out the compliance and the risks of security breach in BYOD and COPE models.

Keywords: Data security, mobile computing, BYOD, COPE, cybersecurity policy, cybersecurity compliance.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 280

Authors: Amjad Nusayr

Abstract:

Software security is a general term used to any type of software architecture or model in which security aspects are incorporated in this architecture. These aspects are not part of the main logic of the underlying program. Software security can be achieved using a combination of approaches including but not limited to secure software designs, third part component validation, and secure coding practices. Memory safety is one feature in software security where we ensure that any object in memory is have a valid pointer or a reference with a valid type. Aspect Oriented Programming (AOP) is a paradigm that is concerned with capturing the cross-cutting concerns in code development. AOP is generally used for common cross-cutting concerns like logging and Database transaction managing. In this paper we introduce the concepts that enable AOP to be used for the purpose of memory and type safety. We also present ideas for extending AOP in software security practices.

Keywords: Aspect oriented programming, programming languages, software security, memory and type safety.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 356

Authors: Denis Trcek

Abstract:

Trust is essential for further and wider acceptance of contemporary e-services. It was first addressed almost thirty years ago in Trusted Computer System Evaluation Criteria standard by the US DoD. But this and other proposed approaches of that period were actually solving security. Roughly some ten years ago, methodologies followed that addressed trust phenomenon at its core, and they were based on Bayesian statistics and its derivatives, while some approaches were based on game theory. However, trust is a manifestation of judgment and reasoning processes. It has to be dealt with in accordance with this fact and adequately supported in cyber environment. On the basis of the results in the field of psychology and our own findings, a methodology called qualitative algebra has been developed, which deals with so far overlooked elements of trust phenomenon. It complements existing methodologies and provides a basis for a practical technical solution that supports management of trust in contemporary computing environments. Such solution is also presented at the end of this paper.

Keywords: internet security, trust management, multi-agent systems, reasoning and judgment, modeling and simulation, qualitativealgebra

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1534

Authors: Vinay Gautam, Vivek Gautam

Abstract:

With increase in the unauthorized users access, it is required to increase the security in the Near Field Communication (NFC). In the paper we propose a user behavior based enhanced protocol entitled ‘User Behavior based Enhanced Protocol (UBEP)’ to increase the security in NFC enabled devices. The UBEP works on the history of interaction of a user with system.The propose protocol considers four different factors (touch, time and distance & angle) of user behavior to know the authenticity or authorization of the users. These factors can be same for a user during interaction with the system. The UBEP uses two phase user verification system to authenticate a user. Firstly the acquisition phase is used to acquire and store the user interaction with NFC device and the same information is used in future to detect the authenticity of the user. The second phase (recognition) uses analysis of current and previous scenario of user interaction and digital signature verification system to finally authenticate user. The analysis of user based input makes a NFC transaction more advance and secure. This security is very tactical because it is completely depends on usage of the device.

Keywords: Security, Network Field communication, NFC Protocol.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1947

Authors: Omaima Bamasak

Abstract:

This paper presents a novel method that allows an agent host to delegate its signing power to an anonymous mobile agent in such away that the mobile agent does not reveal any information about its host-s identity and, at the same time, can be authenticated by the service host, hence, ensuring fairness of service provision. The solution introduces a verification server to verify the signature generated by the mobile agent in such a way that even if colluding with the service host, both parties will not get more information than what they already have. The solution incorporates three methods: Agent Signature Key Generation method, Agent Signature Generation method, Agent Signature Verification method. The most notable feature of the solution is that, in addition to allowing secure and anonymous signature delegation, it enables tracking of malicious mobile agents when a service host is attacked. The security properties of the proposed solution are analyzed, and the solution is compared with the most related work.

Keywords: Anonymous signature delegation, collusion resistance, e-commerce fairness, mobile agent security.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1405

Authors: Petra Horváthová, Irena Durdová

Abstract:

The article is aimed at bringing information on the scope and the level of use of talent management by organizations in one of the Czech Republic regions, in the Moravian-Silesian Region. On the basis of data acquired by a questionnaire survey it has been found out that organizations in the above-mentioned region are implementing the system of talent management on a small scale: this approach is used by 3.8 % of organizations only that is 9 from 237 (100 %) of the approached respondents. The main reasons why this approach is not used is either that organizations have no knowledge of it or there is lack of financial and personnel resources. In the article recommendations suggested by the author can be found for a wider application of talent management in the Czech practice.

Keywords: Talent, talent management, use, mind map of talent management.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2118

Authors: Emin Islam Tatlı, Dirk Stegemann, Stefan Lucks

Abstract:

Encryption protects communication partners from disclosure of their secret messages but cannot prevent traffic analysis and the leakage of information about “who communicates with whom". In the presence of collaborating adversaries, this linkability of actions can danger anonymity. However, reliably providing anonymity is crucial in many applications. Especially in contextaware mobile business, where mobile users equipped with PDAs request and receive services from service providers, providing anonymous communication is mission-critical and challenging at the same time. Firstly, the limited performance of mobile devices does not allow for heavy use of expensive public-key operations which are commonly used in anonymity protocols. Moreover, the demands for security depend on the application (e.g., mobile dating vs. pizza delivery service), but different users (e.g., a celebrity vs. a normal person) may even require different security levels for the same application. Considering both hardware limitations of mobile devices and different sensitivity of users, we propose an anonymity framework that is dynamically configurable according to user and application preferences. Our framework is based on Chaum-s mixnet. We explain the proposed framework, its configuration parameters for the dynamic behavior and the algorithm to enforce dynamic anonymity.

Keywords: Anonymity, context-awareness, mix-net, mobile business, policy management

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1663

Authors: C. Mallada Fernández

Abstract:

Economic development and globalization of international markets have created a favourable atmosphere for the emergence of new forms of crime such as money laundering or financing of terrorism, which may contribute to destabilized and damage economic systems. In particular, money laundering have acquired great importance since the 11S attacks, what has caused on the one hand, the establishment and development of preventive measures and, on the other hand, a progressive hardening of penal measures. Since then, the regulations imposed to fight against money laundering have been viewed as key components also in the fight against terrorist financing. Terrorism, at the beginning, was a “national” crime connected with internal problems of the State (for instance the RAF in Germany or ETA in Spain) but in the last 20 years has started to be an international problem that is connected with the defence and security of the States. Therefore, the new strategic concept for the defense and security of NATO has a comprehensive list of security threats to the Alliance, such as terrorism, international instability, money laundering or attacks on cyberspace, among others. With this new concept, money laundering and terrorism has become a priority in the national defense.

In this work we will analyze the methods to combat these new threats to the national security. We will study the preventive legislations to combat money laundering and financing of terrorism, the UIF that exchange information between States, and the hawala-Banking.

Keywords: Control of financial flows, money laundering, terrorism, financing of terrorism.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2842

Authors: S. Raja Ratna, R. Ravi

Abstract:

Wireless networks are built upon the open shared medium which makes easy for attackers to conduct malicious activities. Jamming is one of the most serious security threats to information economy and it must be dealt efficiently. Jammer prevents legitimate data to reach the receiver side and also it seriously degrades the network performance. The objective of this paper is to provide a general overview of jamming in wireless network. It covers relevant works, different jamming techniques, various types of jammers and typical prevention techniques. Challenges associated with comparing several anti-jamming techniques are also highlighted.

Keywords: Channel, Cryptography, Frequency, Jamming, Legitimate, Security, Wavelength.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3116

Authors: Mohammad Reza Ayatollahzadeh Shirazi, Pooya Jaferian, Golnaz Elahi, Hamid Baghi, Babak Sadeghian

Abstract:

The world is moving rapidly toward the deployment of information and communication systems. Nowadays, computing systems with their fast growth are found everywhere and one of the main challenges for these systems is increasing attacks and security threats against them. Thus, capturing, analyzing and verifying security requirements becomes a very important activity in development process of computing systems, specially in developing systems such as banking, military and e-business systems. For developing every system, a process model which includes a process, methods and tools is chosen. The Rational Unified Process (RUP) is one of the most popular and complete process models which is used by developers in recent years. This process model should be extended to be used in developing secure software systems. In this paper, the Requirement Discipline of RUP is extended to improve RUP for developing secure software systems. These proposed extensions are adding and integrating a number of Activities, Roles, and Artifacts to RUP in order to capture, document and model threats and security requirements of system. These extensions introduce a group of clear and stepwise activities to developers. By following these activities, developers assure that security requirements are captured and modeled. These models are used in design, implementation and test activitie

Keywords:

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2759

Authors: Anna Angelini, Enrica Gentile, Paola Plantamura, Vito Leonardo Plantamura

Abstract:

A suitable e-learning system management needs to carry out a web-information system in order to allow integrated fruition of data and metadata concerning the activities typical of elearning environment. The definition of a “web information system" for e-learning takes advantage of the potentialities of Web technologies both as for the access to metadata present on the several platforms, and as for the implementation of courseware which make up the relative didactic environment. What information systems have in common is the technological environment on which they are generally implemented and the use of metadata in order to structure information at all cognitive and organization levels. In this work we are going to define a methodology for the implementation of a specific web information system for an e-learning environment.

Keywords: e-learning, information systems, coursemanagement, web-based system.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1541

Authors: Kemkanit Sanyanunthana

Abstract:

The purpose of this research is to study the management system of information technology which supports the education of five private universities in Thailand, according to the case studies which have been developing their qualities and standards of management and education by service provision of information technology to support the excellence performance. The concept to connect information technology with a suitable system has been created by information technology administrators for development, as a system that can be used throughout the organizations to help reach the utmost benefits of using all resources. Hence, the researcher as a person who has been performing these duties within higher education is interested to do this research by selecting the Control Objective for Information and Related Technology 5 (COBIT 5) for the Malcolm Baldrige National Quality Award (MBNQA) of America, or the National Award which applies the concept of Total Quality Management (TQM) to the organization evaluation. Such evaluation is called the Education Criteria for Performance Excellence (EdPEx) focuses on studying and comparing education quality development for excellent performance using COBIT 5 in terms of information technology to study the problems and obstacles of the investigation process for an information technology system, which is considered as an instrument to drive all organizations to reach the excellence performance of the information technology, and to be the model of evaluation and analysis of the process to be in accordance with the strategic plans of the information technology in the universities. This research is conducted in the form of descriptive and survey research according to the case studies. The data collection were carried out by using questionnaires through the administrators working related to the information technology field, and the research documents related to the change management as the main study. The research can be concluded that the performance based on the APO domain process (ALIGN, PLAN AND ORGANISE) of the COBIT 5 standard frame, which emphasizes concordant governance and management of strategic plans for the organizations, could reach only 95%. This might be because of some restrictions such as organizational cultures; therefore, the researcher has studied and analyzed the management of information technology in universities as a whole, under the organizational structures, to reach the performance in accordance with the overall APO domain which would affect the determined strategic plans to be able to develop based on the excellence performance of information technology, and to apply the risk management system at the organizational level into every performance process which would develop the work effectiveness for the resources management of information technology to reach the utmost benefits. 

Keywords: COBIT 5, APO, EdPEx Criteria, MBNQA.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1447

Authors: Masaaki Saito, Qin Tang, Hiroyuki Umemuro

Abstract:

The purpose of this paper is to propose a text mining approach to evaluate companies- practices on affective management. Affective management argues that it is critical to take stakeholders- affects into consideration during decision-making process, along with the traditional numerical and rational indices. CSR reports published by companies were collected as source information. Indices were proposed based on the frequency and collocation of words relevant to affective management concept using text mining approach to analyze the text information of CSR reports. In addition, the relationships between the results obtained using proposed indices and traditional indicators of business performance were investigated using correlation analysis. Those correlations were also compared between manufacturing and non-manufacturing companies. The results of this study revealed the possibility to evaluate affective management practices of companies based on publicly available text documents.

Keywords: Affective management, Affect, Stakeholder, Text mining.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1807

Authors: Rony H. Rahman, Lutfar Rahman

Abstract:

Ad hoc networks are characterized by multi-hop wireless connectivity and frequently changing network topology. Forming security association among a group of nodes in ad-hoc networks is more challenging than in conventional networks due to the lack of central authority, i.e. fixed infrastructure. With that view in mind, group key management plays an important building block of any secure group communication. The main contribution of this paper is a low complexity key management scheme that is suitable for fully self-organized ad-hoc networks. The protocol is also password authenticated, making it resilient against active attacks. Unlike other existing key agreement protocols, ours make no assumption about the structure of the underlying wireless network, making it suitable for “truly ad-hoc" networks. Finally, we will analyze our protocol to show the computation and communication burden on individual nodes for key establishment.

Keywords: Ad-hoc Networks, Group Key Management, Key Management Protocols, Password Authentication

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1722

Authors: R. Chithra, B. Kalavathi, J. Christy Lavanya

Abstract:

WiMAX is a telecommunications technology and it is specified by the Institute of Electrical and Electronics Engineers Inc., as the IEEE 802.16 standard. The goal of this technology is to provide a wireless data over long distances in a variety of ways. IEEE 802.16 is a recent standard for mobile communication. In this paper, we provide an overview of various key management algorithms to provide security for WiMAX.

Keywords: Broadcast, Rekeying, Scalability, Secrecy, Unicast, WiMAX.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1994

Authors: Alfred Kamate Siviri, Angelus Mafikiri Tsongo, Jean Robert Kala Kamdjoug

Abstract:

Well organized digitalization and information systems have been selected as relevant measures to mitigate operational risks within organizations. Unfortunately, information system comes with new threats that can cause severe damage and quick organization lockout. This study aims to measure perceived information system risks and their effects on operational risks within the microfinance institution in D.R. Congo. Also, the factors influencing the operational risk are to be identified, and the link between operational risk with other risks and performance is to be assessed. The study proposes a research model drawn on the combination of Resources-Based-View, dynamic capabilities, the agency theory, the Information System Security Model, and social theories of risk. Therefore, we suggest adopting a mixed methods research with the sole aim of increasing the literature that already exists on perceived operational risk assessment and its link with other risk and performance, with a focus on information system risks.

Keywords: information system risk, operational risk, microfinance performance, DR Congo

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 553

Authors: B. E. Narkhede, S. K. Mahajan, B. T. Patil, R. D. Raut

Abstract:

Information quality is a major performance measure for an Enterprise Resource Planning (ERP) system of any firm. This study identifies various critical success factors of information quality. The effect of various critical success factors like project management, reengineering efforts and interdepartmental communications on information quality is analyzed using a multiple regression model. Here quantitative data are collected from respondents from various firms through structured questionnaire for assessment of the information quality, project management, reengineering efforts and interdepartmental communications. The validity and reliability of the data are ensured using techniques like factor analysis, computing of Cronbach’s alpha. This study gives relative importance of each of the critical success factors. The findings suggest that among the various factors influencing information quality careful reengineering efforts are the most influencing factor. This paper gives clear insight to managers and practitioners regarding the relative importance of critical success factors influencing information quality so that they can formulate a strategy at the beginning of ERP system implementation.

Keywords: Enterprise resource planning, information systems, multiple regression, information quality.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2076

Authors: Firoz Khan

Abstract:

Privacy of RFID systems is receiving increasing attention in the RFID community. RFID privacy is important as the RFID tags will be attached to all kinds of products and physical objects including people. The possible abuse or excessive use of RFID tracking capability by malicious users can lead to potential privacy violations. In this paper, we will discuss how the different industries use RFID and the potential privacy and security issues while RFID is implemented in these industries. Although RFID technology offers interesting services to customer and retailers, it could also endanger the privacy of end-users. Personal data can be leaked if a protection mechanism is not deployed in the RFID systems. The paper summarizes many different solutions for implementing privacy and security while deploying RFID systems.

Keywords: RFID, privacy, security, encryption.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 930

Authors: Sindhu Govardhan, Kenneth G. Crowther

Abstract:

Modernisation of the water sector is leading to increased connectivity and integration of emerging technologies with traditional ones, leading to new security risks. The convergence of Information Technology (IT) with Operation Technology (OT) results in solutions that are spread across larger geographic areas, increasingly consist of interconnected Industrial Internet of Things (IIOT) devices and software, rely on the integration of legacy with modern technologies, use of complex supply chain components leading to complex architectures and communication paths. The result is that multiple parties collectively own and operate these emergent technologies, threat actors find new paths to exploit, and traditional cybersecurity controls are inadequate. Our approach is to explicitly identify and draw data flows that cross trust boundaries between owners and operators of various aspects of these emerging and interconnected technologies. On these data flows, we layer potential attack vectors to create a frame of reference for evaluating possible risks against connected technologies. Finally, we identify where existing controls, mitigations, and other remediations exist across industry partners (e.g., suppliers, product vendors, integrators, water utilities, and regulators). From these, we are able to understand potential gaps in security, the roles in the supply chain that are most likely to effectively remediate those security gaps, and test cases to evaluate and strengthen security across these partners. This informs a “shared responsibility” solution that recognises that security is multi-layered and requires collaboration to be successful. This shared responsibility security framework improves visibility, understanding, and control across the entire supply chain, and particularly for those water utilities that are accountable for safe and continuous operations.

Keywords: Cyber security, shared responsibility, IIOT, threat modelling.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 68

Authors: K.H. Yang

Abstract:

After the terrorist attack on September 11, 2001 in U.S., the container security issue got high attention, especially by U.S. government, which deployed a lot of measures to promote or improve security systems. U.S. government not only enhances its national security system, but allies with other countries against the potential terrorist attacks in the future. For example CSI (Container Security Initiative), it encourages foreign ports outside U.S. to become CSI ports as a part of U.S. anti-terrorism network. Although promotion of the security could partly reach the goal of anti-terrorism, that will influence the efficiency of container supply chain, which is the main concern when implementing the inspection measurements. This paper proposes a quick estimation methodology for an inspection service rate by a berth allocation heuristic such that the inspection activities will not affect the original container supply chain. Theoretical and simulation results show this approach is effective.

Keywords: Berth allocation, Container, Heuristic, Inspection.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1375

Authors: Karakulov Y., Baizakova K.

Abstract:

Kazakhstan attaches the great importance to cooperation with European countries within the framework of multilateral security organizations such as NATO. Cooperation of Kazakhstan with the NATO is a prominent aspect of strengthening of regional security of republic. It covers a wide spectrum of areas, such as reform of sector of defense and security, military operative compatibility of armed forces of NATO member-countries and Kazakhstan, civil emergency planning and scientific cooperation. The cooperation between Kazakhstan and NATO is based on the mutual interests of neighboring republics in the region so that the existing forms of cooperation between Kazakhstan and NATO will not be negatively perceived both in Asia as well as among CIS countries. Kazakhstan tailors its participation in the PfP programme through an annual Individual Partnership Programme, selecting those activities that will help achieve the goals it has set in the IPAP. Level of cooperation within the limits of PfP essentially differs on each republic. Cooperation with Kazakhstan progressed most of all since has been signed IPAP from the NATO

Keywords: Central Asia, Kazakhstan, NATO cooperation, regional security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2135

Authors: Daniel J. Glauber

Abstract:

Knowledge transfer between personnel could benefit an organization’s improved competitive advantage in the marketplace from a strategic approach to knowledge management. The lack of information sharing between personnel could create knowledge transfer gaps while restricting the decision-making processes. Knowledge transfer between personnel can potentially improve information sharing based on an implemented knowledge management strategy. An organization’s capacity to gain more knowledge is aligned with the organization’s prior or existing captured knowledge. This case study attempted to understand the overall influence of a KMS within the corporate environment and knowledge exchange between personnel. The significance of this study was to help understand how organizations can improve the Return on Investment (ROI) of a knowledge management strategy within a knowledge-centric organization. A qualitative descriptive case study was the research design selected for this study. The lack of information sharing between personnel may create knowledge transfer gaps while restricting the decision-making processes. Developing a knowledge management strategy acceptable at all levels of the organization requires cooperation in support of a common organizational goal. Working with management and executive members to develop a protocol where knowledge transfer becomes a standard practice in multiple tiers of the organization. The knowledge transfer process could be measurable when focusing on specific elements of the organizational process, including personnel transition to help reduce time required understanding the job. The organization studied in this research acknowledged the need for improved knowledge management activities within the organization to help organize, retain, and distribute information throughout the workforce. Data produced from the study indicate three main themes including information management, organizational culture, and knowledge sharing within the workforce by the participants. These themes indicate a possible connection between an organizations KMS, the organizations culture, knowledge sharing, and knowledge transfer.

Keywords: Knowledge management strategies, knowledge transfer, knowledge management, knowledge capacity.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1922

Authors: Saif Al-alak, Zuriati Ahmed, Azizol Abdullah, Shamala Subramiam

Abstract:

In this paper, we argue the security protocols of ZigBee wireless sensor network in MAC layer. AES 128-bit encryption algorithm in CCM* mode is secure transferred data; however, AES-s secret key will be break within nearest future. Efficient public key algorithm, ECC has been mixed with AES to rescue the ZigBee wireless sensor from cipher text and replay attack. Also, the proposed protocol can parallelize the integrity function to increase system performance.

Keywords: AES, ECC, Multi-level security, ZigBee

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 3326

Authors: Haibo Hu, Hong Xiang

Abstract:

Due to its special data structure and manipulative principle, Object-Oriented Database (OODB) has a particular security protection and authorization methods. This paper first introduces the features of security mechanism about OODB, and then talked about authorization checking process of OODB. Implicit authorization mechanism is based on the subject hierarchies, object hierarchies and access hierarchies of the security authorization modes, and simplifies the authorization mode. In addition, to combine with other authorization mechanisms, implicit authorization can make protection on the authorization of OODB expediently and effectively.

Keywords: Object-oriented database(OODB), security protection, authorization mechanism, implicit authorization, authorization check.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1671

Authors: Rinkaj Goyal, Pravin Chandra, Yogesh Singh

Abstract:

In this paper we describe our efforts to design and implement an agent development framework that has the potential to scale to the size of any underlying network suitable for various ECommerce activities. The main novelty in our framework is it-s capability to allow the development of sophisticated, secured agents which are simple enough to be practical. We have adopted FIPA agent platform reference Model as backbone for implementation along with XML for agent Communication and Java Cryptographic Extension and architecture to realize the security of communication information between agents. The advantage of our architecture is its support of agents development in different languages and Communicating with each other using a more open standard i.e. XML

Keywords: Agent, Agent Development Framework, Agent Coordination, Security

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1581

Authors: M. Osipova

Abstract:

Thanks to informational technologies development every sphere of economics is becoming more and more datacentralized as people are generating huge datasets containing information on any aspect of their life. Applying research of such data to human resources management allows getting scarce statistics on labor market state including salary expectations and potential employees’ typical career behavior, and this information can become a reliable basis for management decisions. The following article presents results of career behavior research based on freely accessible resume data. Information used for study is much wider than one usually uses in human resources surveys. That is why there is enough data for statistically significant results even for subgroups analysis.

Keywords: Human resources management, labor market, salary expectations, statistics, turnover.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1808

Authors: Fatema Akram, Mohammad G. Rasul, M. Masud K. Khan, M. Sharif I. I. Amir

Abstract:

Australia is a country of some 7,700 million square kilometers with a population of about 22.6 million. At present water security is a major challenge for Australia. In some areas the use of water resources is approaching and in some parts it is exceeding the limits of sustainability. A focal point of proposed national water conservation programs is the recycling of both urban stormwater and treated wastewater. But till now it is not widely practiced in Australia, and particularly stormwater is neglected. In Australia, only 4% of stormwater and rainwater is recycled, whereas less than 1% of reclaimed wastewater is reused within urban areas. Therefore, accurately monitoring, assessing and predicting the availability, quality and use of this precious resource are required for better management. As stormwater is usually of better quality than untreated sewage or industrial discharge, it has better public acceptance for recycling and reuse, particularly for non-potable use such as irrigation, watering lawns, gardens, etc. Existing stormwater recycling practice is far behind of research and no robust technologies developed for this purpose. Therefore, there is a clear need for using modern technologies for assessing feasibility of stormwater harvesting and reuse. Numerical modeling has, in recent times, become a popular tool for doing this job. It includes complex hydrological and hydraulic processes of the study area. The hydrologic model computes stormwater quantity to design the system components, and the hydraulic model helps to route the flow through stormwater infrastructures. Nowadays water quality module is incorporated with these models. Integration of Geographic Information System (GIS) with these models provides extra advantage of managing spatial information. However for the overall management of a stormwater harvesting project, Decision Support System (DSS) plays an important role incorporating database with model and GIS for the proper management of temporal information. Additionally DSS includes evaluation tools and Graphical user interface. This research aims to critically review and discuss all the aspects of stormwater harvesting and reuse such as available guidelines of stormwater harvesting and reuse, public acceptance of water reuse, the scopes and recommendation for future studies. In addition to these, this paper identifies, understand and address the importance of modern technologies capable of proper management of stormwater harvesting and reuse.

Keywords: Stormwater Management, Stormwater Harvesting and Reuse, Numerical Modeling, Geographic Information System (GIS), Decision Support System (DSS), Database.

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 2973